karaf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Changhoon Yoon (JIRA)" <j...@apache.org>
Subject [jira] [Comment Edited] (KARAF-3400) Enabling Java System Security and OSGi security leaves Karaf in unusable state
Date Wed, 10 Jun 2015 16:29:01 GMT

    [ https://issues.apache.org/jira/browse/KARAF-3400?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14580745#comment-14580745
] 

Changhoon Yoon edited comment on KARAF-3400 at 6/10/15 4:28 PM:
----------------------------------------------------------------

I've done some investigations on this issue, particularly w/ Felix framework impl. 

It looks like Felix config admin v1.8 is causing the problem, and Karaf has been using this
Felix config admin v1.8 since Karaf 2.4.8, 3.0.2 and 4.0.0
I did not get a chance to test Karaf 2.3.x though. 

Try Karaf 2.4.7 or 3.0.1  (these versions use Felix config admin v1.6),
or if you need to stick with v. 2.3.11, try to install Felix config admin v1.6 if this version
of Karaf is using Felix config admin v1.8. 



was (Author: chyoon87):
I've done some investigations on this issue, particularly w/ Felix framework impl. 

It looks like Felix config admin v1.8 is causing the problem, and Karaf has been using this
Felix config admin v1.8 since Karaf 2.4.8, 3.0.2 and 4.0.0
I did not get a chance to test Karaf 2.3.x though. 

Try Karaf 2.4.7 or 3.0.1  (these versions use Felix config admin v1.6),
or if you need to stick with v. 2.3.11, try to install Felix config admin v1.6 instead. 


> Enabling Java System Security and OSGi security leaves Karaf in unusable state
> ------------------------------------------------------------------------------
>
>                 Key: KARAF-3400
>                 URL: https://issues.apache.org/jira/browse/KARAF-3400
>             Project: Karaf
>          Issue Type: Bug
>          Components: karaf-core
>    Affects Versions: 3.0.2, 4.0.0.M1
>            Reporter: Achim Nierbeck
>
> It seems to boil down to the new functionalities of OSGi, like Bundle Adapt fails with
the default security configuration 
> {code}
> java.security.AccessControlException: access denied ("org.osgi.framework.AdaptPermission"
"org.osgi.framework.wiring.BundleRevision" "adapt")
> 	at java.security.AccessControlContext.checkPermission(AccessControlContext.java:372)
> 	at org.eclipse.osgi.internal.permadmin.EquinoxSecurityManager.internalCheckPermission(EquinoxSecurityManager.java:117)
> 	at org.eclipse.osgi.internal.permadmin.EquinoxSecurityManager$CheckPermissionAction.run(EquinoxSecurityManager.java:60)
> 	at java.security.AccessController.doPrivileged(Native Method)
> {code}
> Just switch framework to equinox and enable the security params in etc/system.properties
> {code}
> #
> # By default, only Karaf shell commands are secured, but additional services can be
> #
> # To enable OSGi security, uncomment the properties below,
> # install the framework-security feature and restart.
> #
> java.security.policy=${karaf.etc}/all.policy
> org.osgi.framework.security=osgi
> org.osgi.framework.trust.repositories=${karaf.etc}/trustStore.ks
> {code}
> This also happens with Felix but needs the additional Felix.Security bundle to be installed.




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message